package com.campus.interceptor;

import com.campus.constant.JwtClaimsConstant;
import com.campus.constant.StatusConstant;
import com.campus.context.CurrentHolder;
import com.campus.mapper.UserMapper;
import com.campus.pojo.entity.User;
import com.campus.properties.JwtProperties;
import com.campus.utils.JwtUtil;
import io.jsonwebtoken.Claims;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;

/**
 * jwt令牌校验的拦截器
 */
@Component
@Slf4j
public class JwtUserInterceptor implements HandlerInterceptor {

    @Autowired
    private JwtProperties jwtProperties;
    @Autowired
    private UserMapper  userMapper;
    /**
     * 校验jwt
     *
     * @param request
     * @param response
     * @param handler
     * @return
     * @throws Exception
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        //判断当前拦截到的是Controller的方法还是其他资源
        if (!(handler instanceof HandlerMethod)) {
            //当前拦截到的不是动态方法，直接放行
            return true;
        }

        log.info("拦截请求: {}", request.getRequestURL());
        //1、从请求头中获取令牌
        String token = request.getHeader(jwtProperties.getUserTokenName());

        //2、校验令牌token 和 用户账号状态 如果用户被禁用，即使 Token 有效，也返回 false
        try {
            log.info("jwt校验:{}", token);
            Claims claims = JwtUtil.parseJWT(jwtProperties.getUserSecretKey(), token);
            Long userId = Long.valueOf(claims.get(JwtClaimsConstant.USER_ID).toString());
            log.info("当前用户id：{}", userId);
            //设置当前用户id到ThreadLocal中
            CurrentHolder.setCurrentId(userId);

            //3.根据用户id查询用户信息 检查账号状态
            User user = userMapper.getUserById(userId);
            if (user.getStatus() == StatusConstant.ACCOUNT_DISABLE) {
                //账号被锁定 响应401
                response.setStatus(401);
                return false;
            }

            //4、通过，放行
            return true;
        } catch (Exception ex) {
            //4、不通过，响应401状态码
            response.setStatus(401);
            return false;
        }
    }

    //在渲染视图之后执行 无论请求正常完成还是发生异常，afterCompletion() 都会被调用
    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
        //清除当前线程的局部变量ThreadLocal中的数据，以达到释放资源，防止线程复用导致的数据污染和内存泄漏
        log.info("清除当前线程的局部变量ThreadLocal中的数据");
        CurrentHolder.remove();
    }
}
